Your search keyword '"Access Control"' showing total 1,173 results

1. On key assignment schemes and cryptographic enforcement mechanisms for information flow policies

Author

Farley, Naomi

Subjects

005.8, Cryptography, Access Control, key management

Abstract

Access control policies specify permissible interactions between users and system resources, and are typically enforced by trusted components. Third parties (e.g. cloud servers) may not be trusted to correctly enforce a policy, in which case cryptographic enforcement schemes (CESs) may be used. In this thesis, we consider the cryptographic enforcement of (read-only) information flow policies, which model hierarchies of security labels. For example, a symmetric key can be associated with each security label and used to encrypt associated objects. Users authorised for many labels may need to be issued many keys, which may be undesirable, particularly when user storage is limited. A key assignment scheme (KAS) allows a trusted entity to generate a 'small' secret for each user, from which all required keys can be derived. Key derivation may also rely on additional public information, which can be large and expensive to maintain. In this thesis, we propose three symmetric KASs that eliminate public derivation information. Our first KAS is based on partitioning the policy hierarchy into chains, which permits very efficient key derivation. We show how to construct a chain partition that minimises the cryptographic material required both in total and by any one user. We then show that working with trees, rather than chains, further reduces the material distributed to users and that tree partitions are quicker to find than chain partitions. We then design a space-efficient KAS that imposes a logarithmic bound on derivation cost. In the worst case, user material may be larger than in prior schemes; we therefore design heuristic approaches and provide experimental evidence that the resulting schemes compare favourably to existing schemes. Finally, we provide a definitional framework for CESs for read-only information flow policies, using which CESs can be proven correct and secure, and which helps identify limitations of primitives in CESs.

Published

2018

2. Completeness in languages for attribute-based access control

Author

Williams, Conrad

Subjects

005.8, Access Control, ABAC, XACML, Canonical Completeness, Functional Completeness, Belnap Logic, Jobe's Logic

Abstract

Access control restricts the interactions that are possible between users (or programs operating under the control of users) and sensitive resources, and is an essential component of any security architecture in multi-user computing systems. The most common means of implementing access control is to define an authorization policy, specifying which requests (that is, attempted user-resource interactions) are authorized and can thus be allowed. In recent years, we have seen the emergence of attribute-based access control (ABAC), in part to cater for open, distributed computing environments where it is not necessarily possible to authenticate all entities directly. The primary goal of this thesis is to improve the understanding and specification of ABAC languages. Our approach focuses on the connection between multi-valued logics (MVLs) and many ABAC languages present in the literature. We introduce the necessary theoretical foundations to analyse and reason about various properties of ABAC languages. This enables us to show that XACML, the predominant language for authoring ABAC policies, exhibits a number of shortcomings. We present extensions to the ABAC language PTaCL, and demonstrate how it may be modified to address the shortcomings identified in XACML. Later, we extend our foundations to lattice-based logics and languages, establishing new results about Belnap logic and its associated ABAC languages. Another major difficulty encountered in many ABAC languages is how to construct a desired policy using the operators defined in the given language. Even in languages that are known to be functionally complete, this is in general a non-trivial task. We present a novel solution to this problem: specifying policies in a tabular form. We demonstrate why representing policies in this manner is convenient, intuitive and flexible for policy authors, and provide a method for automatically compiling policy tables into a form that is machine-enforceable.

Published

2018

3. Cloud Security: Challenges and Solutions

Author

Li, Daoming, Chen, Qiang, Wang, Lun, Li, Daoming, Chen, Qiang, and Wang, Lun

Abstract

As cloud computing continues to grow and become integral to business operations, securing cloud environments has emerged as a critical concern. This paper explores the multifaceted challenges of cloud security and proposes solutions to mitigate these risks. We discuss the inherent vulnerabilities of cloud infrastructure, the complexities of data protection, and the difficulties in maintaining compliance and governance. Specifically, we address issues such as data breaches, insider threats, and the lack of visibility and control in cloud environments. Through comprehensive analysis and experimental data, we demonstrate the effectiveness of various security measures, including encryption, access control, Security Information and Event Management (SIEM) systems, and automated compliance management tools, in enhancing cloud security. The findings highlight best practices and strategies to safeguard cloud environments against evolving cyber threats, ensuring data integrity, confidentiality, and regulatory compliance.

Published

2024

4. A GENERALIZED NET MODEL FOR ACCESSING INFORMATION RESOURCES IN A SECURE ENVIRONMENT

Author

Kochankov, Miroslav, Iliev, Rosen, Kochankov, Miroslav, and Iliev, Rosen

Abstract

The purpose of the study is to describe and present the process of accessing information resources in a secure military computer network as generalized net model. A simulation of the model was carried out using specialized software for working with generalized nets - GN IDE, and the most important results are visualized in the report.

Published

2024

5. A Robust and Secure Data Access Scheme for Satellite-Assisted Internet of Things With Content Adaptive Addressing

Author

Ruan, Zhiqiang, Yang, Xu, Luo, Haibo, Yang, Xuechao, Miao, Yuan, Huang, Xinyi, Yi, Xun, Ruan, Zhiqiang, Yang, Xu, Luo, Haibo, Yang, Xuechao, Miao, Yuan, Huang, Xinyi, and Yi, Xun

Abstract

This article investigates data communication and access control in satellite-assisted Internet of Things (IoT). In particular, given the characteristics of an open communication environment, a multilayer heterogeneous network, and a time-varying topology in the space-air-ground-sea integrated network (SAGSIN), traditional data communication and security mechanisms built upon the TCP/IP architecture may not fully leverage their potential. Current networks are primarily responsible for end-to-end transmission of binary data, lacking the capability to semantically perceive and handle dynamic and decentralized content. This leads to significant performance gaps in the network. In other words, it is better to retrieve expected information directly from the network and perform content protection on it with low dependency. We propose data access scheme with robust and secure content communication (DARS), a data access scheme with robust and secure content communication for Satellite-assisted IoT (S-IoT), leveraging the architectural benefits of content centric networks and rich attributes of IoT. DARS enables automatic data retrieval and access control without additional mechanisms, such as online certificate distribution, homogeneous network, and other presuppositions, which facilitates DARS to be applied in various environments. Additionally, DARS integrates a combination of techniques, including semantic representation, cryptographic technologies, and content caching, from a network-centric perspective. Theoretical analysis and experimental simulations show that DARS simplifies system operations and offers a viable solution for satellite-assisted IoT-based applications.

Published

2024

6. An Adaptive Secure and Practical Data Sharing System With Verifiable Outsourced Decryption

Author

Xu, Shengmin, Han, Xingshuo, Xu, Guowen, Ning, Jianting, Huang, Xinyi, Deng, Robert H., Xu, Shengmin, Han, Xingshuo, Xu, Guowen, Ning, Jianting, Huang, Xinyi, and Deng, Robert H.

Abstract

Cloud computing is the widespread acceptance of a promising paradigm offering a substantial amount of storage and data services on demand. To preserve data confidentiality, many cryptosystems have been introduced. However, current solutions are incompatible with the resource-constrained end-devices because of a variety of vulnerabilities in terms of practicality and security. In this article, we propose a practical and secure data-sharing system by introducing a new design of attribute-based encryption with verifiable outsourced decryption-attribute-based encryption (VO-ABE for short). Our system offers: (1) data sharing at a fine-grained level; (2) a scalable key issuing protocol without any secure channel; (3) a verifiable outsourced decryption mechanism for resource-constrained end-devices against the malicious cloud service provider; and (4) adaptive security against the real-world attacks. To formalize our solution with cryptographic analysis, we present the formal definition of VO-ABE and its concrete construction with provable security. In particular, our design leverages the techniques of the traditional ABE, verifiable outsourced decryption, and randomness extractor to support fine-grained access control, cost-effective data sharing, and security assurance with high entropy. Moreover, our design is provably secure in the adaptive model under the standard assumption, which offers a stronger security guarantee since the state-of-the-art solution is selectively secure under the non-standard assumption and suffers from a variety of real-world attacks. The implementation and evaluation demonstrate that our solution enjoys superior functionality and better performance than the relevant solutions. More importantly, our solution is compatible with the resource-constrained end-devices since the decryption mechanism takes around 1.1 ms and is 22.7x faster than the state-of-the-art solution.

Published

2024

7. Secure Medical Digital Twins: A Use-Case Driven Approach

Author

Ahmad, S, Bartelt, B, Enzmann, M, Kohlhammer, J, Wesarg, S, Wolf, R, Ahmad, S, Bartelt, B, Enzmann, M, Kohlhammer, J, Wesarg, S, and Wolf, R

Published

2024

8. Managing Network Security in Cloud Computing: Analyzing Vulnerabilities and Implementing Effective Defense Strategies

Author

Zhang, Qianfeng, Wang, Lun, Li, Daoming, Zhang, Qianfeng, Wang, Lun, and Li, Daoming

Abstract

Cloud computing has revolutionized the way businesses operate, offering unparalleled flexibility, scalability, and cost savings. However, the shift to cloud environments has also introduced new security challenges. This paper delves into the network security aspects of cloud computing, analyzing vulnerabilities inherent to cloud architectures and proposing robust defense strategies. Through a comprehensive review of existing literature and case studies, the paper provides insights into the complexities of securing cloud networks, with a focus on management practices. It also explores emerging technologies and methodologies that can enhance the security posture of cloud-based systems.In addition to identifying key vulnerabilities such as data breaches, misconfigurations, and insider threats, this study highlights the importance of continuous monitoring and incident response in mitigating security risks. Furthermore, the paper emphasizes the role of management in enforcing security policies, ensuring compliance, and fostering a culture of cybersecurity awareness. By integrating traditional security measures with innovative approaches like AI-driven threat detection and zero-trust architectures, the paper outlines a comprehensive framework for effectively managing network security in cloud environments.

Published

2024

9. A Blockchain Based Scalable Domain Access Control Framework for Industrial Internet of Things

Author

Usman, Muhammad, Sarfraz, Muhammad Shahzad, Aftab, Muhammad Umar, Habib, Usman, Javed, Saleha, Usman, Muhammad, Sarfraz, Muhammad Shahzad, Aftab, Muhammad Umar, Habib, Usman, and Javed, Saleha

Abstract

Industrial Internet of Things (IIoT) applications consist of resource constrained interconnected devices that make them vulnerable to data leak and integrity violation challenges. The mobility, dynamism, and complex structure of the network further make this issue more challenging. To control the information flow in such environments, access control is critical to make collaboration and communication safe. To deal with these challenges, recent studies employ attribute-based access control on top of blockchain technology. However, the attribute-based access control frameworks suffer due to high computational overhead. In this paper, we propose an improved role-based access control framework using hyperledger blockchain to deal with IIoT requirements with less computational overhead making the information control process more efficient and real-time. The proposed framework leverages a layered architecture of chaincodes to implement the improved access control framework that handles the permission delegation and conflict management to deal with the dynamism of the IIoT network. The system uses a Policy Contract, Device Contract, and Access Contract to manage the workflow of the whole access control process. Each chaincode in the proposed framework is isolated in terms of its responsibilities to make the design low coupled. The integration of improved access control with blockchain enables the proposed framework to provide a highly scalable solution, tamper-proof, and flexible to manage conflicting scenarios. The proposed system outperforms the recent studies significantly in computational overhead in extensive simulation results. To verify the scalability and efficiency, the proposed is evaluated against a large number of concurrent virtual clients in simulation and statistical analysis proves that the proposed system is promising for further research in this domain., Validerad;2024;Nivå 2;2024-06-28 (hanlid);Full text license: CC BY

Published

2024

10. Permission-Based Dynamic Access Control Models for Enhanced Data Security : Integrating Contextual Awareness and Role Flexibility for Secure Healthcare Data Management

Author

Almohammad Alsaleh, Sabah and Almohammad Alsaleh, Sabah

Abstract

This thesis explores the integration of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) within a distributed microservices architecture to create a dynamic and context-aware access control system, specifically tailored for healthcare environments. Traditional RBAC systems, while effective for managing permissions through predefined roles, often lack the flexibility to address complex, dynamic scenarios, such as temporary access needs, location-based restrictions, and emergency situations. ABAC offers the granularity needed for these contexts by evaluating a wide range of attributes in real-time. The hybrid RBAC-ABAC model proposed in this study combines the structured role management of RBAC with the dynamic flexibility of ABAC, creating a more robust and adaptable access control mechanism. The prototype implementation demonstrates the system's ability to handle diverse access control scenarios, improving security, scalability, and operational efficiency. This research contributes to the development of more secure and flexible data management systems, with significant implications for enhancing security and operational efficiency in healthcare and similar environments., Denna avhandling utforskar integrationen av rollbaserad åtkomstkontroll (RBAC) och attributbaserad åtkomstkontroll (ABAC) inom en distribuerad mikrotjänstarkitektur för att skapa ett dynamiskt och kontextmedvetet åtkomstkontrollsystem, särskilt anpassat för vårdmiljöer. Traditionella RBAC-system, även om de är effektivaför att hantera behörigheter genom fördefinierade roller, saknar ofta flexibilitetenatt hantera komplexa och dynamiska scenarier, såsom temporära åtkomstbehov, platsbaserade restriktioner och nödsituationer. ABAC erbjuder den nödvändiga granulariteten för dessa sammanhang genom att utvärdera ett brett spektrum av attribut i realtid. Den hybridmodell som föreslås i denna studie kombinerar RBAC strukturerade rollhantering med ABAC dynamiska flexibilitet, vilket skapar en mer robust och anpassningsbar åtkomstkontrollmekanism. Prototypimplementeringen visar systemets förmåga att hantera olika åtkomstkontrollscenarier, vilket förbättrar säkerhet, skalbarhet och operativ effektivitet. Denna forskning bidrar till utvecklingen av mer säkra och flexibla datahanteringssystem, med betydande konsekvenser för att förbättra säkerhet och operativ effektivitet inom vården och liknande miljöer.

Published

2024

11. Implementering av Zero Trust i ett händelsestyrt meddelandesystem

Author

Wilson, Paul-Stefan Luay, Bahadi, Georges, Wilson, Paul-Stefan Luay, and Bahadi, Georges

Abstract

Denna rapport adresserar den centrala problemställningen kring säkerheten i händelsestyrda meddelandesystem genom att undersöka och implementera Zero Trust-arkitektur. Problemet är av stor relevans på grund av den ökande användningen av sådana system och det växande behovet av robusta säkerhetslösningar för att hantera utmaningar relaterade till asynkron kommunikation och datahantering. Zero Trust-modellen erbjuder en innovativ strategi för att förstärka säkerheten genom att eliminera implicit tillit och istället kontinuerligt verifiera användare och enheter, vilket gör det särskilt lämpligt för dynamiska och distribuerade system. Genom att utforska och analysera egenskaperna hos händelsestyrda meddelandesystem och identifiera de utmaningar som de presenterar för säkerhetsarkitekturen, undersöker rapporten en mängd olika metoder för att genomföra Zero Trust-principen. Genom en noggrann integrering av dessa metoder framhäver rapporten en effektiv och skalbar lösning för att säkra och skydda känsliga resurser och data i händelsestyrda meddelandesystem. Den presenterade lösningen belyser värdet av Zero Trust som en tillförlitlig modell för att hantera säkerhetsrisker och säkerställa en hållbar och robust arkitektur för asynkron kommunikation i moderna IT-system., This report addresses the central issue of security in event-driven messaging systems by examining and implementing Zero Trust architecture. The problem is highly relevant due to the increasing use of such systems and the growing need for robust security solutions to manage challenges related to asynchronous communication and data handling. The Zero Trust model offers an innovative approach to enhancing security by eliminating implicit trust and instead continuously verifying users and devices, making it particularly suitable for dynamic and distributed systems. By exploring and analyzing the characteristics of event-driven messaging systems and identifying the challenges they present for security architecture, the report investigates various methods for implementing the Zero Trust principle. Through careful integration of these methods, the report highlights an effective and scalable solution for securing and protecting sensitive resources and data in event-driven messaging systems. The presented solution underscores the value of Zero Trust as a reliable model for addressing security risks and ensuring a sustainable and robust architecture for asynchronous communication in modern IT systems.

Published

2024

12. Mapping out the Key Security Components in Relational Databases (MK-SCoRe) : Enhancing the Security of Relational Database Technology

Author

Alobaidi, Murtadha, Trabulsiah, Abdullah, Alobaidi, Murtadha, and Trabulsiah, Abdullah

Abstract

Relational database security has become an increasingly important issue for organizations worldwide in the current era of data-driven operations. The urgent need for an extensive knowledge of relational database security components in relational databases is addressed in this thesis. Database security is constantly improving, but there is still a lack of research that analyzes these important factors. Because of this gap, databases are not sufficiently secured from new cyber threats, which endangers its accessibility, confidentiality, and integrity. The problem that the thesis addresses is the lack of comprehensive research covering all key security components in relational databases which, presents a challenge for organizations seeking to comprehensively secure their database systems. The purpose of this thesis is to systematically map the key security components essential to relational databases. The goal is to assist organizations and Database professionals to secure their relational databases against diverse cyber threats. Using a qualitative and exploratory methodology, the research analyzes a wide range of literature on database security. The research offers a balanced and comprehensive perspective on the current security landscape in relational databases by integrating theoretical study with structured interviews. This method guarantees that all essential security components is fully investigated. The results of this thesis involve a detailed mapping of the key security components within relational databases, which are uniquely informed by a combination of academic research and empirical findings from structured interviews with Database security experts. This thesis analyzes these security components based on how well they address current security threats, how well they secure databases, and how well they can adapt to different organizational needs., Säkerhet i relationsdatabaser har blivit en allt viktigare fråga för organisationer världen över i den nuvarande eran av datadriven verksamhet. I den här avhandlingen behandlas det akuta behovet av en omfattande kunskap om säkerhetskomponenter för relationsdatabaser i relationsdatabaser. Databassäkerheten förbättras ständigt, men det finns fortfarande en brist på forskning som analyserar dessa viktiga faktorer. På grund av denna brist är databaser inte tillräckligt skyddade mot nya cyberhot, vilket äventyrar deras tillgänglighet, konfidentialitet och integritet. Problemet som avhandlingen tar upp är bristen på omfattande forskning som täcker alla viktiga säkerhetskomponenter i relationsdatabaser, vilket utgör en utmaning för organisationer som vill säkra sina databassystem på ett heltäckande sätt. Syftet med denna avhandling är att systematiskt kartlägga de viktigaste säkerhetskomponenterna som är väsentliga för relationsdatabaser. Målet är att hjälpa organisationer och databasspecialister att säkra sina relationsdatabaser mot olika cyberhot. Med hjälp av en kvalitativ och explorativ metod analyseras ett brett spektrum av litteratur om databassäkerhet. Forskningen erbjuder ett balanserat och omfattande perspektiv på det nuvarande säkerhetslandskapet i relationsdatabaser genom att integrera teoretiska studier med strukturerade intervjuer. Denna metod garanterar att alla väsentliga säkerhetskomponenter undersöks fullständigt. Resultatet av denna avhandling innebär en detaljerad kartläggning av de viktigaste säkerhetskomponenterna inom relationsdatabaser, som är unikt informerade av en kombination av akademisk forskning och empiriska resultat från strukturerade intervjuer med databassäkerhetsexperter. Denna avhandling analyserar dessa säkerhetskomponenter utifrån hur väl de hanterar aktuella säkerhetshot, hur väl de säkrar databaser och hur väl de kan anpassas till olika organisatoriska behov.

Published

2024

13. Privacy-Preserving Techniques in IoT: Investigating methods to protect user privacy while utilizing data in IoT systems

Author

Rodriguez, Prof. Maria and Rodriguez, Prof. Maria

Abstract

In the era of the Internet of Things (IoT), the proliferation of connected devices has revolutionized various aspects of our lives, from smart homes to industrial automation. However, this connectivity also raises significant privacy concerns, as vast amounts of data are collected, transmitted, and processed by IoT systems. This paper presents an in-depth analysis of privacy-preserving techniques in IoT, focusing on methods to protect user privacy while utilizing data in IoT systems. We discuss the challenges posed by IoT data collection and processing, including the risk of unauthorized access, data breaches, and privacy violations. We then review existing privacy-preserving techniques, such as encryption, anonymization, and access control, highlighting their strengths and limitations. Additionally, we explore emerging technologies, such as homomorphic encryption and differential privacy, and their potential applications in IoT privacy protection. Finally, we discuss future research directions and open challenges in the field of privacy-preserving techniques in IoT.

Published

2024

14. XACML2mCRL2: Automatic transformation of XACML policies into mCRL2 specifications

Author

Arshad, Hamed, Horne, Ross, Johansen, Christian, Owe, Olaf, Willemse, Tim A.C., Arshad, Hamed, Horne, Ross, Johansen, Christian, Owe, Olaf, and Willemse, Tim A.C.

Abstract

The eXtensible Access Control Markup Language (XACML) is a popular OASIS standard for the specification of fine-grained access control policies. However, the standard does not provide a proper solution for the verification of XACML access control policies before their deployment. The first step for the formal verification of XACML policies is to formally specify such policies. Hence, this paper presents XACML2mCRL2, a tool for the automatic translation of XACML access control policies into mCRL2. The mCRL2 specifications generated by our tool can be used for formal verification of important properties of access control policies, such as completeness or inconsistency, using the well-known mCRL2 toolset.

Published

2024

15. Achieving secure and efficient access control of personal health records in a storage cloud

Author

Binbusayyis, Adel, Zhang, Ning, and Paton, Norman

Subjects

004, User Trust Awareness, Personal Health Records (PHRs), Access Control, Attribute Based Encryption (ABE)

Abstract

A personal health record (PHR) contains health data about a patient, which is maintained by the patient. Patients may share their PHR data with a wide range of users such as healthcare providers and researchers through the use of a third party such as a cloud service provider. To protect the confidentiality of the data and to facilitate access by authorized users, patients use Attribute-Based Encryption (ABE) to encrypt the data before uploading it onto the cloud servers. With ABE, an access policy is defined based on users' attributes such as a doctor in a particular hospital, or a researcher in a particular university, and the encrypted data can only be decrypted if and only if a user's attributes comply with the access policy attached to a data object. Our critical analysis of the related work in the literature shows that existing ABE based access control frameworks used for sharing PHRs in a storage cloud can be enhanced in terms of scalability and security. With regard to scalability, most existing ABE based access control frameworks rely on the use of a single attribute authority to manage all users, making the attribute authority into a potential bottleneck regarding performance and security. With regard to security, the existing ABE based access control frameworks assume that all users have the same level of trust (i.e. they are equally trustworthy) and all PHR data files have the same sensitivity level, which means that the same protection level is provided. However, in our analysis of the problem context, we have observed that this assumption may not always be valid. Some data, such as patients' personal details and certain diseases, is more sensitive than other data, such as anonymised data. Access to more sensitive data should be governed by more stringent access control measures. This thesis presents our work in rectifying the two limitations highlighted above. In doing so, we have made two novel contributions. The first is the design and evaluation of a Hierarchical Attribute-Based Encryption (HABE) framework for sharing PHRs in a storage cloud. The HABE framework can spread the key management overheads imposed on a single attribute authority tasked with the management of all the users into multiple attribute authorities. This is achieved by (1) classifying users into different groups (called domains) such as healthcare, education, etc., (2) making use of multiple attribute authorities in each domain, (3) structuring the multiple attribute authorities in each domain in a hierarchical manner, and (4) allowing each attribute authority to be responsible for managing particular users in a specific domain, e.g. a hospital or a university. The HABE framework has been analyzed and evaluated in term of security and performance. The security analysis demonstrates that the HABE framework is resistant to a host of security attacks including user collusions. The performance has been analyzed in terms of computational and communication overheads and the results show that the HABE framework is more efficient and scalable than the most relevant comparable work. The second novel contribution is the design and evaluation of a Trust-Aware HABE (Trust+HABE) framework, which is an extension of the HABE framework. This framework is also intended for sharing PHRs in a storage cloud. The Trust+HABE framework is designed to enhance security in terms of protecting access to sensitive PHR data while keeping the overhead costs as low as possible. The idea used here is that we classify PHR data into different groups, each with a distinctive sensitivity level. A user requesting data from a particular group (with a given sensitivity level) must demonstrate that his/her trust level is not lower than the data sensitivity level (i.e. trust value vs data sensitivity verification). A user's trust level is derived based on a number of trust-affecting factors, such as his/her behaviour history and the authentication token type used to identify him/herself etc. For accessing data at the highest sensitivity level, users are required to get special permissions from the data owners (i.e. the patients who own the data), in addition to trust value vs data sensitivity verification. In this way, the framework not only adapts its protection level (in imposing access control) in response to the data sensitivity levels, but also provides patients with more fine-grained access control to their PHR data. The Trust+HABE framework is also analysed and evaluated in term of security and performance. The performance results from the Trust+HABE framework are compared against the HABE framework. The comparison shows that the additional computational, communication, and access delay costs introduced as the result of using the trust-aware approach to access control in this context are not significant compared with computational, communication, and access delay costs of the HABE framework.

Published

2017

16. On the use of attribute-based encryption in publicly verifiable outsourced computation

Author

Alderman, James

Subjects

005.8, Publicly Verifiable Outsourced Computation, Attribute-based Encryption, Access Control, Revocation, Delegation

Abstract

Publicly verifiable outsourced computation (PVC) allows devices with restricted resources to delegate computations to external servers, and to verify the correctness of results. Servers may be rewarded per computation, and so have an incentive to cheat rather than devote resources to a computation. Also, within an organisation, it is likely that individual user permissions will vary and so outsourced actions should be restricted accordingly. This gives rise to two interesting problems in the PVC setting addressed in this thesis: finding a method to revoke and punish cheating servers; and enforcing access control policies that restrict the computations each entity may outsource, compute or read the results of. In this thesis, we use primitives traditionally used to cryptographically enforce access control policies to construct secure PVC systems that meet these requirements. We first extend prior PVC schemes based on key-policy attribute-based encryption (ABE) to accommodate a broader system model where servers may compute multiple functions and be prevented from performing further computations if found cheating. We then show how a key assignment scheme can provide flexible access control over entities. Finally, we consider an alternative scenario in which input data is held by the server rather than the client, and construct a provably secure instantiation based on ciphertext-policy ABE. We conclude by showing that dual-policy ABE can accommodate both models of outsourced computation and provide a level of access control within a single system.

Published

2016

17. A trust-based adaptive access control model for wireless sensor networks

Author

Maw, Htoo Aung

Subjects

610.28, wireless sensor network, electronic healthcare, access control, user behaviour, trust management, overriding access policy

Abstract

Wireless Sensor Networks (WSNs) have recently attracted much interest in the research community because of their wide range of applications. One emerging application for WSNs involves their use in healthcare where they are generally termed Wireless Medical Sensor Networks (WMSNs). In a hospital, fitting patients with tiny, wearable, wireless vital sign sensors would allow doctors, nurses and others to continuously monitor the state of those in their care. In the healthcare industry, patients are expected to be treated in reasonable time and any loss in data availability can result in further decline in the patient's condition or can even lead to death. Therefore, the availability of data is more important than security concerns. The overwhelming priority is to take care of the patient, but the privacy and confidentiality of that patient's medical records cannot be neglected. In current healthcare applications, there are many problems concerning security policy violations such as unauthorised denial of use, unauthorised information modification and unauthorised information release of medical data in the real world environment. Current WSN access control models used the traditional Role-Based Access Control (RBAC) or cryptographic methods for data access control but the systems still need to predefine attributes, roles and policies before deployment. It is, however, difficult to determine in advance all the possible needs for access in real world applications because there may be unanticipated situations at any time. This research proceeds to study possible approaches to address the above issues and to develop a new access control model to fill the gaps in work done by the WSN research community. Firstly, the adaptive access control model is proposed and developed based on the concept of discretionary overriding to address the data availability issue. In the healthcare industry, there are many problems concerning unauthorised information release. So, we extended the adaptive access control model with a prevention and detection mechanism to detect security policy violations, and added the concept of obligation to take a course of action when a restricted access is granted or denied. However, this approach does not consider privacy of patients' information because data availability is prioritised. To address the conflict between data availability and data privacy, this research proposed the Trust-based Adaptive Access Control (TBA2C) model that integrates the concept of trust into the previous model. A simple user behaviour trust model is developed to calculate the behaviour trust value which measures the trustworthiness of the users and that is used as one of the defined thresholds to override access policy for data availability purpose, but the framework of the TBA2C model can be adapted with other trust models in the research community. The trust model can also protect data privacy because only a user who satisfies the relevant trust threshold can get restricted access in emergency and unanticipated situations. Moreover, the introduction of trust values in the enforcement of authorisation decisions can detect abnormal data access even from authorised users. Ponder2 is used to develop the TBA2C model gradually, starting from a simple access control model to the full TBA2C. In Ponder2, a Self-Managed Cell (SMC) simulates a sensor node with the TBA2C engine inside it. Additionally, to enable a full comparison with the proposed TBA2C model, the Break-The-Glass Role Based Access Control (BTGRBAC) model is redesigned and developed in the same platform (Ponder2). The proposed TBA2C model is the first to realise a flexible access control engine and to address the conflict between data availability and data privacy by combining the concepts of discretionary overriding, the user behaviour trust model, and the prevention and detection mechanism.

Published

2015

18. Towards a worldwide storage infrastructure

Author

Quintard, Julien, Bacon, Jean, and Beresford, Alastair

Subjects

004.2, File system, Peer-to-peer, Decentralised, Access control, Administration, Naming, Byzantine

Abstract

Peer-to-peer systems have recently gained a lot of attention in the academic community especially through the design of KBR (Key-Based Routing) algorithms and DHT (Distributed Hash Table)s. On top of these constructs were built promising applications such as video streaming applications but also storage infrastructures benefiting from the availability and resilience of such scalable network protocols. Unfortunately, rare are the storage systems designed to be scalable and fault-tolerant to Byzantine behaviour, conditions required for such systems to be deployed in an environment such as the Internet. Furthermore, although some means of access control are often provided, such file systems fail to offer the end-users the flexibility required in order to easily manage the permissions granted to potentially hundreds or thousands of end-users. In addition, as for centralised file systems which rely on a special user, referred to as root on Unices, distributed file systems equally require some tasks to operate at the system level. The decentralised nature of these systems renders impossible the use of a single authoritative entity for performing such tasks since implicitly granting her superprivileges, unacceptable configuration for such decentralised systems. This thesis addresses both issues by providing the file system objects a completely decentralised access control and administration scheme enabling users to express access control rules in a flexible way but also to request administrative tasks without the need for a superuser. A prototype has been developed and evaluated, proving feasible the deployment of such a decentralised file system in large-scale and untrustworthy environments.

Published

2012

19. Demonstrate and document : the development of a best practice model for biometric access control management

Author

Norris-Jones, Lynne, Oatley, Giles, and Cleary, Pat

Subjects

006.4, biometric, access control, fingerprint scanning, facial recognition, Maslow's Hierarchy of Needs, Utilitarianism, Psychological Contract, "Best Practice Model", Code of Practice (ISO/IEC 21002 lnformation Technology - Security techniques - Code of Practice for Information Security Management)

Abstract

This thesis investigates the social, legal and ethical perceptions of participants towards the implementation of biometric access control systems within a sample of United Kingdom work-based environments. It focuses on the application of fingerprint scanning and facial recognition systems, whilst alluding to the development of more advanced (bleeding edge) technologies in the future. The conceptual framework is based on a tripartite model in which Maslow's Hierarchy of Needs is applied to the workforce whilst the principles of Utilitarianism and the Psychological Contract are applied to both management strategies and workforce perceptions. A qualitative paradigm is used in which semi-structured interviews are conducted with management and workforce participants within a sample of United Kingdom-based organisations (represented by Case Studies A-D). Discourse from these interviews are analysed, leading to the development of a series of first-cut findings for suggested "Best Practice " in the social, legal and ethical management of biometric access control systems. This process is subsequently developed with a refined sample of respondents (Case Studies A and C) culminating in the presentation of a suggested "Best Practice Model" for application to all four case studies. The model is based upon elements of a pre-determined Code of Practice (ISO/IEC 27002lnformation Technology - Security techniques - Code of Practice for Information Security Management) towards fostering acceptance of biometric technology within the workplace, in answering the question: How should organisations using biometric access control systems address social, legal and ethical concerns in the management of specific working environments in the United Kingdom?

Published

2011

20. Automated Management of Attribute-Based Policies for Access Control using Tag-Matching

Author

Chiquito, Alex, Bodin, Ulf, Schelén, Olov, Chiquito, Alex, Bodin, Ulf, and Schelén, Olov

Abstract

Data sharing is becoming increasingly important as organizations seek to improve their operations and gain a competitive advantage. The data sharing between organizations, stakeholders, and even internal teams requires access control policies that define who can access what data, under what circumstances, and for what purposes.Attribute-based access control (ABAC) provides a flexible and fine-grained mechanism for enforcing such policies, preventing data leakage, and improving security and compliance. A challenge is that these policies should be able to support the agility and adaptability of constantly evolving modern industrial systems, where new data sources, services, and users are frequently added and removed. As the number of data sources and associated policies grows, the manual management of ABAC policies in evolving systems becomes a bottleneck, which prevents the adoption of fine-grained access control mechanisms. This paper presents a model based on tag-matching to automate the process of connecting new data sources and users to existing access control policies. In the proposed model, tag-matching means matching metadata elements to policy attributes to reduce the administrative work of managing access policies. The model takes advantage of the identity abstraction of ABAC policies to connect existing rules between attributes and the target resource or user. We present a proof-of-concept implementation of the tag-matching model in Eclipse Arrowhead and provide an evaluation of the proposed solution., Funder: Mine.io research project (grant no. 101091885);ISBN for host publication: 979-8-3503-3183-7 (print), 979-8-3503-3182-0 (electronic)

Published

2023

21. On Efficiency and Usability of Group Signatures on Smartphone and Single-board Platforms

Author

Dobiáš, Patrik, Malina, Lukáš, Ilgner, Petr, Dzurenda, Petr, Dobiáš, Patrik, Malina, Lukáš, Ilgner, Petr, and Dzurenda, Petr

Abstract

With increasing digitalization and omnipresent data sensing, security and users’ privacy become essential requirements in new digital services. Group Signatures (GS) or also known as Anonymous Digital Signatures (ADS) are often used as a core Privacy-Enhancing Technology (PET) in order to keep users’ privacy during their access and/or authentication phases within ensuring the security of provided services. In this work, we provide a comprehensive assessment of group signatures on various small computing platforms typically used in modern digital services. Based on our analysis of well-established GS schemes and their libraries, we implement and evaluate chosen schemes on both well-known smartphone platforms (i.e., Android, iOS) and on a single-board computer. Our results indicate that current handheld devices can already effectively perform main group signatures’ phases and make these schemes practical for deployment in various privacy-requiring scenarios.

Published

2023

22. Implementation of a simplified Access Control language using JSON

Author

Universitat Politècnica de Catalunya. Departament d'Arquitectura de Computadors, Delgado Mercè, Jaime, Bertran Serrano, Albert, Universitat Politècnica de Catalunya. Departament d'Arquitectura de Computadors, Delgado Mercè, Jaime, and Bertran Serrano, Albert

Abstract

The aim of this project is to develop an access control validator specifically tailored for image resources using a simplified version of XACML (eXtensible Access Control Markup Language) called JACSON, which is based on JSON instead of XML. Building upon the existing specification of JACSON achieved by a previous project, the validator will be responsible for validating requests against access control policies for images, and it will provide a response indicating whether the request for access to the resource should be allowed or denied. Additionally, this project will include the development of a demonstration application to showcase the correct implementation of the validator and propose possible use cases for the validator., El objetivo de este proyecto es desarrollar un validador de control de acceso específicamente adaptado para imágenes utilizando una versión simplificada de XACML (eXtensible Access Control Markup Language) llamado JACSON, que se basa en JSON en lugar de XML. Basándose en la especificación existente de JACSON realizada por un proyecto anterior, el validador será responsable de validar las solicitudes contra las políticas de control de acceso para imágenes, y proporcionará una respuesta que indique si la solicitud de acceso al recurso debe ser permitida o rechazada. Además, este proyecto incluirá el desarrollo de una aplicación de demostración para mostrar la correcta implementación del validador y proponer posibles casos de uso para el validador., L'objectiu d'aquest projecte és desenvolupar un validador de control d'accés adaptat específicament per a imatges utilitzant una versió simplificada de XACML (eXtensible Access Control Markup Language) anomenat JACSON, que es basa en JSON en lloc d'XML. Basant-se en l'especificació existent de JACSON realitzada per un projecte anterior, el validador serà responsable de validar les sol·licituds contra les polítiques de control d'accés per a imatges, i proporcionarà una resposta que indiqui si la sol·licitud d'accés al recurs ha de ser permesa o rebutjada. A més, aquest projecte inclourà el desenvolupament d'una aplicació de demostració per mostrar la implementació correcta del validador i proposar-ne possibles casos d'ús.

Published

2023

23. Adding security to existing IoMT protocols. Analysis and integration

Author

Universitat Politècnica de Catalunya. Departament d'Arquitectura de Computadors, Delgado Mercè, Jaime, Zhou, Yuanyu, Universitat Politècnica de Catalunya. Departament d'Arquitectura de Computadors, Delgado Mercè, Jaime, and Zhou, Yuanyu

Abstract

Numerous protocols to communicate Medical IoT (i.e., IoMT) devices exist. However, the security aspects are not fully solved. This thesis aims to analyse existing security limitations among the different components of an IoMT and proposes the implementation of application level solutions utilizing open-source software whenever feasible. Subsequently, appropriate security measures will be implemented to guarantee the integrity and confidentiality of the generated information, with the inclusion of an access mechanism to regulate the retrieval of sensitive data., Existen numerosos protocolos para comunicar dispositivos de IoT médicos (es decir, IoMT). Sin embargo, los aspectos de seguridad no están completamente resueltos. Esta tesis tiene como objetivo analizar las limitaciones de seguridad existentes entre los diferentes componentes de un IoMT y propone la implementación de soluciones a nivel de aplicación utilizando software de código abierto siempre que sea posible. Posteriormente, se implementarán medidas de seguridad adecuadas para garantizar la integridad y confidencialidad de la información generada, con la inclusión de un mecanismo de acceso para regular la recuperación de datos sensibles., Hi ha diversos protocols per comunicar dispositius de IoT mèdics (és a dir, IoMT). No obstant això, els aspectes de seguretat no estan completament resolts. Aquesta tesi té com a objectiu analitzar les limitacions de seguretat existents entre els diferents components d'un IoMT i proposa la implementació de solucions a nivell d'aplicació utilitzant programari de codi obert sempre que sigui possible. Posteriorment, s'implementaran mesures de seguretat adequades per garantir la integritat i confidencialitat de la informació generada, amb la inclusió d'un mecanisme d'accés per regular la recuperació de dades sensibles.

Published

2023

24. Increasing Efficiency and Scalability in AWS IAM by Leveraging an Entity-centric Attribute- & Role-based Access Control (EARBAC) Model

Author

Karlsson, Rasmus, Jönrup, Pontus, Karlsson, Rasmus, and Jönrup, Pontus

Abstract

Cloud computing is becoming increasingly popular among all types of companies due to its inherent benefits. However, because of its infrastructure, it might be difficult to manage access rights between users and resources. To address these difficulties, Amazon Web Services (AWS) provides Identity and Access Management (IAM) and features that support the use of different access control models, for example, Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC). Access control models are used for authorisation within systems to decide who gets access to what. Therefore, to determine what constitutes an efficient (the average time it takes to perform a task in AWS IAM) and secure access control model, a thorough study of background material and related work was conducted. Through this study, it was found that RBAC lacked scalability whilst ABAC lacked administrative capabilities. It was also found that flexibility and scalability were two important factors when designing access control models. Furthermore, by conducting a survey and designing an access control model for AWS through various iterations, a new access control model called Entity-centric Attribute- & Role-based Access Control (EARBAC) was developed. In an experiment comparing it with the RBAC model, the EARBAC model was found to be both efficient and secure, in addition to its flexibility and scalability. Furthermore, EARBAC was also found to be 27% faster than RBAC in AWS IAM. These results suggest that the model is useful when developing cloud infrastructures in AWS.

Published

2023

25. Towards Certified Distributed Query Processing

Author

Alam, Mehwish, Trojahn, Cassia, Hertling, Sven, Pesquita, Catia, Aebeloe, Christian, Aras, Hidir, Azzam, Amr, Cano, Juan, Domingue, John, Gottschalk, Simon, Rohde, Philipp, Rohde, Philipp D., Vidal, Maria-Esther, Alam, Mehwish, Trojahn, Cassia, Hertling, Sven, Pesquita, Catia, Aebeloe, Christian, Aras, Hidir, Azzam, Amr, Cano, Juan, Domingue, John, Gottschalk, Simon, Rohde, Philipp, Rohde, Philipp D., and Vidal, Maria-Esther

Abstract

In recent years, knowledge graphs (KGs) have gained more and more importance. As a consequence of that, the number of publicly accessible KGs is increasing. Due to their adoption in many areas, KGs are used in numerous different applications. However, these knowledge graph applications are not developed by the data owners and they might collect data from several linked KGs. It is therefore essential that systems accessing KGs are certified, i.e., each component is certified for a specific use by an entity or agency. In addition, a trace of the performed operations and used data is needed in order to verify that all requirements were met, e.g., some data cannot be transferred from the source to any other component due to privacy restrictions. This work describes the vision of certified distributed querying in the context of an analytics platform. Challenges for such systems are identified and discussed. © 2023 Copyright for this paper by its authors.

Published

2023

26. Linking Contexts from Distinct Data Sources in Zero Trust Federation

Author

70783059, 20204018, Hirai, Masato, Kotani, Daisuke, Okabe, Yasuo, 70783059, 20204018, Hirai, Masato, Kotani, Daisuke, and Okabe, Yasuo

Abstract

An access control model called Zero Trust Architecture (ZTA) has attracted attention. ZTA uses information of users and devices, called context, to verify access requests. Zero Trust Federation (ZTF) has been proposed as a framework for extending an idea of identity federation to support ZTA. ZTF defines CAP as the entity that collects context and provides it to each organization (Relying Party; RP) that needs context for verification based on ZTA. For precise verification, CAPs need to collect context from various data sources. However, ZTF did not provide a method for collecting context from data sources other than RP. In this research, as a general model for collecting context in ZTF, we propose a method of linking identifiers between the data source and CAP. This method provides a way to collect context from some of such data sources in ZTF. Then, we implemented our method using RADIUS and MDM as data sources and confirmed that their contexts could be collected and used.

Published

2023

27. Role Mining With Hierarchical Clustering and Binary Similarity Measures

Author

Olsson, Magnus and Olsson, Magnus

Abstract

Role engineering, a critical task in role-based access control systems, is the process of identifying a complete set of roles that accurately reflect the structure of an organization. Role mining, a data-driven approach, utilizes data mining techniques on user-permission assignments represented as binary data to automatically derive these roles. However, relying solely on data-driven methods often leads to the generation of a large set of roles lacking interpretability. To address this limitation, this thesis presents a role mining algorithm, whose results can be viewed as an initial step in the role engineering process, in order to streamline the task of defining semantically meaningful roles, where human analysis is an inevitable post-processing step. The algorithm is based on hierarchical clustering analysis, and its main objective is identifying a sufficiently small set of roles that cover as large a proportion of the user-permission assignments as possible. To evaluate the performance of the algorithm, multiple real-world data sets representing diverse access control scenarios are utilized. The evaluation focuses on comparing various binary similarity measures, with the goal of determining the most suitable characteristics of a binary similarity measure to be used for role mining. The evaluation of different binary similarity measures provides insights into their effectiveness in achieving accurate role definitions to be used as a foundation for constructing meaningful roles. Ultimately, this research contributes to the advancement of role mining methodologies, facilitating improved access control systems that align with organizational needs and enhance security and efficiency., Role engineering går ut på att identifiera en komplett uppsättning roller som återspeglar strukturen i en organisation och är en viktig uppgift när organisationer övergår till rollbaserad åtkomstkontroll. Role mining är en datadriven metod som använder data mining-tekniker på användarnas behörighetstilldelningar för att automatiskt härleda dessa roller. Dessa tilldelningar kan representeras som binär data. Att enbart förlita sig på datadrivna metoder leder dock ofta till att en stor uppsättning svårtolkade roller genereras. För att adressera denna begränsning har en role mining-algoritm utvecklas i det här arbetet. Genom att applicera algoritmen på den binära tilldelningsdatan kan de erhållna resultaten betraktas som ett inledande steg i role engineering-processen. Syftet är att effektivisera arbetet med att definiera semantiskt meningsfulla roller, där mänsklig analys är en oundviklig fas. Algoritmen är baserad på hierarkisk klustring och har som huvudsyfte att identifiera en lagom stor uppsättning roller som täcker så stor del av behörighetstilldelningarna som möjligt. För att utvärdera algoritmens prestanda appliceras den på flertalet datamängder insamlade från varierande verkliga åtkomstkontrollsystem. Utvärderingen fokuserar på att jämföra olika binära likhetsmått med målet att bestämma de mest lämpliga egenskaperna för ett binärt likhetsmått som ska användas för role mining. Utvärderingen av olika binära likhetsmått ger insikter i deras effektivitet att uppnå korrekta rolldefinitioner som kan användas som grund för att konstruera meningsfulla roller. Denna forskning bidrar till framsteg inom role mining och syftar till att underlätta övergången till rollbaserad åtkomstkontroll samt förbättra metoderna för att identifiera roller som överensstämmer med organisationsbehov och förbättrar säkerhet och effektivitet.

Published

2023

28. Smart Contract-Based Access Control for the Internet of Things

Author

Zhang, Yuanyu, Kasahara, Shoji, Shen, Yulong, Jiang, Xiaohong, Wan, Jianxiong, Zhang, Yuanyu, Kasahara, Shoji, Shen, Yulong, Jiang, Xiaohong, and Wan, Jianxiong

Abstract

This paper investigates a critical access control issue in the Internet of Things (IoT). In particular, we propose a smart contract-based framework, which consists of multiple access control contracts (ACCs), one judge contract (JC) and one register contract (RC), to achieve distributed and trustworthy access control for IoT systems. Each ACC provides one access control method for a subject-object pair, and implements both static access right validation based on predefined policies and dynamic access right validation by checking the behavior of the subject. The JC implements a misbehavior-judging method to facilitate the dynamic validation of the ACCs by receiving misbehavior reports from the ACCs, judging the misbehavior and returning the corresponding penalty. The RC registers the information of the access control and misbehavior-judging methods as well as their smart contracts, and also provides functions (e.g., register, update and delete) to manage these methods. To demonstrate the application of the framework, we provide a case study in an IoT system with one desktop computer, one laptop and two Raspberry Pi single-board computers, where the ACCs, JC and RC are implemented based on the Ethereum smart contract platform to achieve the access control.

Published

2023

29. The Bitcoin Network as Platform for Trans-Organizational Attribute Authentication

Author

Jason, Paul Cruz, Kaji, Yuichi, Jason, Paul Cruz, and Kaji, Yuichi

Abstract

The role-based access control (RBAC) is a natural and versatile model of the access control principle. In the real world, it is common that an organization provides a service to a user who owns a certain role that was issued by a different organization. However, such a trans-organizational RBAC is not common in a computer network because it is difficult to establish both the security that prohibits malicious impersonation of roles and the flexibility that allows small organizations/individual users to fully control their own roles. This study proposes a system that makes use of Bitcoin technology to realize a trans-organizational RBAC mechanism. Bitcoin, the first decentralized digital currency, is a payment network that has become a platform for innovative ideas. Bitcoin’s technology, including its protocol, cryptography, and open-source nature, has built a good reputation and has been applied in other applications, such as trusted timestamping. The proposed system uses Bitcoin technology as a versatile infrastructure to represent the trust and endorsement relationship that are essential in RBAC and to realize a challenge-response authentication protocol that verifies a user's ownership of roles., WEB2015 : The Third International Conference on Building and Exploring Web Based Environments , May 24-29, 2015 , Rome, Italy

Published

2023

30. Role of Building Automation Technology in Creating a Smart and Sustainable Built Environment

Author

Singh, Dhawan, Singh, Abinash, Singh, Dhawan, and Singh, Abinash

Abstract

In today's modern society, people are getting more conscious of the built environment's energy efficiency and sustainability. Sustainable architectural design reduces negative environmental effect by improving energy efficiency, health, comfort, safety, livability for inhabitants, and the ecosystem at large. Other considerations include effective maintenance and optimization of the resources. All of this is achieved by incorporating appropriate technology within the building. Recent developments in the field of IoT, cloud computing, machine learning, artificial intelligence, and other smart wireless technologies could support solutions for building automation systems. Therefore, it is utmost important to determine the potential of these cutting-edge and smart wireless technologies for building automation and management. In this research work, the role of building technologies in creating a smart and sustainable built environment is identified and discussed. To emphasize the importance, a survey is being conducted to identify the current demand for building management systems, as well as their awareness and present scenario.

Published

2023

31. Combining IOTA and Attribute-Based Encryption for Access Control in the Internet of Things

Author

Zhang, Yuanyu, Nakanishi, Ruka, Sasabe, Masahiro, Kasahara, Shoji, Zhang, Yuanyu, Nakanishi, Ruka, Sasabe, Masahiro, and Kasahara, Shoji

Abstract

Unauthorized resource access represents a typical security threat in the Internet of Things (IoT), while distributed ledger technologies (e.g., blockchain and IOTA) hold great promise to address this threat. Although blockchain-based IoT access control schemes have been the most popular ones, they suffer from several significant limitations, such as high monetary cost and low throughput of processing access requests. To overcome these limitations, this paper proposes a novel IoT access control scheme by combining the fee-less IOTA technology and the Ciphertext-Policy Attribute-Based Encryption (CP-ABE) technology. To control the access to a resource, a token, which records access permissions to this resource, is encrypted by the CP-ABE technology and uploaded to the IOTA Tangle (i.e., the underlying database of IOTA). Any user can fetch the encrypted token from the Tangle, while only those who can decrypt this token are authorized to access the resource. In this way, the proposed scheme enables not only distributed, fee-less and scalable access control thanks to the IOTA but also fine-grained attribute-based access control thanks to the CP-ABE. We show the feasibility of our scheme by implementing a proof-of-concept prototype system using smart phones (Google Pixel 3XL) and a commercial IoT gateway (NEC EGW001). We also evaluate the performance of the proposed scheme in terms of access request processing throughput. The experimental results show that our scheme enables object owners to authorize access rights to a large number of subjects in a much (about 5 times) shorter time than the existing access control scheme called Decentralized Capability-based Access Control framework using IOTA (DCACI), significantly improving the access request processing throughput.

Published

2023

32. Access Management in Organizations : A Comprehensive Study and Scenario-based Analysis

Author

Bergström, Anna, Berghäll, Emily, Bergström, Anna, and Berghäll, Emily

Abstract

Access management is an important part of the security of an organization as it limits access to sensitive material such as code and files. Therefore, access management can be a vital part of preventing leaks of information in regard to company-sensitive information or information about employees or users. A technique that can be used to handle access management is the use of access control models. This thesis conducts a literature study and scenario-based evaluations of 12 access control models with the aim of creating recommendations and a roadmap for choosing access control models for different organizations. The most common factors of the chosen access control models are adaptability, flexibility, and high security. The 12 chosen access control models were chosen because they were deemed the best fit for organizations in the technology industry. Other models could be chosen depending on the industry or environment, which will yield different results but the roadmap can still be tailored. The scenario-based organization focuses on five main parameters within the evaluation: attribute definition, economy, control authorities, organization, and security. These are determined by taking the average of the sub-parameters of each main parameter, this is done for each access control model resulting in a total average. The scenarios conducted are of differently-sized organizations namely: small, growing, and large. For each scenario, the main parameters were weighted which resulted in new averages which in turn resulted in recommendations for each scenario. The results present recommendations for each scenario both in the form of a single access control model that can be used but also in the form of access control model combinations that can help reach more of the priorities parameters for each scenario. Further, the thesis can be viewed as a roadmap for organizations that can be tailored to fit individual needs and priorities by altering the parameter weights.

Published

2023

33. Attribute-Based Approaches for Secure Data Sharing in Industrial Contexts

Author

Chiquito, Alex, Bodin, Ulf, Schelén, Olov, Chiquito, Alex, Bodin, Ulf, and Schelén, Olov

Abstract

The sharing of data is becoming increasingly important for the process and manufacturing industries that are using data-driven models and advanced analysis to assess production performance and make predictions, e.g., on wear and tear. In such environments, access to data needs to be accurately controlled to prevent leakage to unauthorized users while providing easy to manage policies. Data should further be shared with users outside trusted domains using encryption. Finally, means for revoking access to data are needed. This paper provides a survey on attribute-based approaches for access control to data, focusing on policy management and enforcement. We aim to identify key properties provided by attribute-based access control (ABAC) and attribute-based encryption (ABE) that can be combined and used to meet the abovementioned needs.We describe such possible combinations in the context of a proposed architecture for secure data sharing. The paper concludes by identifying knowledge gaps to provide direction to future research on attribute-based approaches for secure data sharing in industrial contexts., Validerad;2023;Nivå 2;2023-02-13 (hanlid);Funder: Arrowhead Tools Research Project (826452)

Published

2023

34. Implementing a Zero Trust Environmentfor an Existing On-premises Cloud Solution

Author

Pero, Victor, Ekman, Linus, Pero, Victor, and Ekman, Linus

Abstract

This thesis project aimed to design and implement a secure system for handling and safeguarding personal data. The purpose of the work is to prevent unauthorized actors from gaining access to systems and data. The proposed solution is a Zero Trust architecture which emphasizes strong security measures by design and strict access controls. The system must provide minimal access for users and should be integrated with the existing cloud-based infrastructure. The result is a system that leverages Keycloak for identity management and authentication services, GitLab to provide a code hosting solution, GPG for commit signing, and OpenVPN for network access. Through the utilization of Gitlab, Keycloak and OpenVPN the system achieved a comprehensive design for data protection, user authentication and network security. This report also highlights alternative methods, future enhancements and potential improvements to the completed system., Målet med denna rapport är att designa och implementera ett säkert system för hantering och skydd av personlig data. Syftet med arbetet är att förhindra obehöriga att få tillgång till system och data. Den föreslagna lösningen är en Zero Trustarkitektur som betonar skärpta säkerhetsåtgärder genom design och strikta åtkomstkontroller. Systemet måste ge minimal åtkomst för användare som brukar det och integreras med den befintliga molnbaserade infrastrukturen. Resultatet är ett system som använder Keycloak för hantering av identiteter och autentisering, GitLab för att tillhandahålla ett kodarkiv där användare kan ladda upp sin kod, GPG för att signera commits, och OpenVPN för nätverksåtkomst. Genom användning av GitLab, Keycloak och OpenVPN uppnådde systemet en omfattande design för dataskydd, användarautentisering och nätverkssäkerhet. Denna rapport nämner också alternativa metoder, framtida och potentiella förbättringar av det färdiga systemet.

Published

2023

35. Securing Data in a Cloud Environment: Access Control, Encryption, and Immutability

Author

Al Khateeb, Ahmad, Summaq, Abdulrazzaq, Al Khateeb, Ahmad, and Summaq, Abdulrazzaq

Abstract

The amount of data and the development of new technologies used by all society-critical organizations are increasing dramatically. In parallel, data breaches, cyber-attacks, and their devastating consequences are also on the rise, as well as the number of individuals and organizations that are potential targets for such attacks. This places higher demands on security in terms of protecting data against cyber-attacks and controlling access to data that authenticated users want to access. The paper focuses on studying concepts of secure data practices in a GitLab-based cloud environment. The objective is to give answers to questions such as how to ensure the guarantee of secure data and protect it from unauthorized access and changes. The work behind this thesis includes exploring techniques for access control, data encryption, and data immutability. The study is followed by an implementation project that includes fetching code from GitLab verifying user identity and access control, managing data access, and displaying the results. The results of the thesis demonstrate the effectiveness of the implemented security measures in protecting data and controlling access., Mängden av data och utvecklingen av banbrytande teknologier som idag används av alla samhällsbärande organisationer ökar drastiskt. I samma takt ökar dataintrång, cyberattacker och dess förödande konsekvenser samt antalet personer och organisationer som utgör potentiella offer för sådana typer av attacker. Detta ställer högre krav på säkerheten när det gäller att skydda data mot cyberattacker, men även att kontrollera åtkomsten till data som autentiserade användare vill komma åt. Rapporten fokuserar på att studera hur data säkras i GitLab-baserade molnsystem. Syftet med detta arbete är att ge svar på frågeställningar som till exempel att lova säker åtkomst och skydd för data från obehörig åtkomst och ändringar. Arbetet bakom detta projekt inkluderade undersökning av tekniker som används inom accesskontroll, datakryptering och data-omutlighet. Studien resulterade i en implementation som möjliggör att hämta signerade ändringar (Commits) från GitLab, verifiera användaridentiteten och åtkomstbehörighet, hantera dataåtkomst samt presentera resultaten. Resultaten av detta examensarbete demonstrerar effektiviteten av den implementerade säkerhetsteknikerna i att skydda data och kontrollera access.

Published

2023

36. Automatic Hybrid Access Control in SCADA-Enabled IIoT Networks Using Machine Learning

Author

Usman, Muhammad, Sarfraz, Muhammad Shahzad, Habib, Usman, Aftab, Muhammad Umar, Javed, Saleha, Usman, Muhammad, Sarfraz, Muhammad Shahzad, Habib, Usman, Aftab, Muhammad Umar, and Javed, Saleha

Abstract

The recent advancements in the Internet of Things have made it converge towards critical infrastructure automation, opening a new paradigm referred to as the Industrial Internet of Things (IIoT). In the IIoT, different connected devices can send huge amounts of data to other devices back and forth for a better decision-making process. In such use cases, the role of supervisory control and data acquisition (SCADA) has been studied by many researchers in recent years for robust supervisory control management. Nevertheless, for better sustainability of these applications, reliable data exchange is crucial in this domain. To ensure the privacy and integrity of the data shared between the connected devices, access control can be used as the front-line security mechanism for these systems. However, the role engineering and assignment propagation in access control is still a tedious process as its manually performed by network administrators. In this study, we explored the potential of supervised machine learning to automate role engineering for fine-grained access control in Industrial Internet of Things (IIoT) settings. We propose a mapping framework to employ a fine-tuned multilayer feedforward artificial neural network (ANN) and extreme learning machine (ELM) for role engineering in the SCADA-enabled IIoT environment to ensure privacy and user access rights to resources. For the application of machine learning, a thorough comparison between these two algorithms is also presented in terms of their effectiveness and performance. Extensive experiments demonstrated the significant performance of the proposed scheme, which is promising for future research to automate the role assignment in the IIoT domain., Validerad;2023;Nivå 2;2023-04-14 (joosat);Part of special Issue "Security and Privacy in IoT-Enabled Smart Environments";Licens fulltext: CC BY License

Published

2023

37. Edge-enabled Zero Trust Architecture for ICPS with Spatial and Temporal Granularity

Author

Lei, Wenxin, Pang, Zhibo, Wen, Hong, Hou, Wenjing, Zhang, Xiaoling, Lei, Wenxin, Pang, Zhibo, Wen, Hong, Hou, Wenjing, and Zhang, Xiaoling

Abstract

Motivated by the rapid advancement of industrial cyber-physical systems (ICPS) and rising voices in favor of zero trust (ZT) security, in this paper, we present an edge-enabled zero trust architecture (ZTA) for ICPS. ZT is thought to be relevant to ICPS with the spatial and temporal granularity in the suggested architecture. In addition to continuous authentication and a dynamic access-control mechanism at the temporal granularity, we recommend edge segmentation at the spatial granularity with microservices as the division units. Finally, we conduct a security assessment of the proposed architecture in the presence of threats faced by ICPS. Overall, our analysis shows that the proposed ZTA helps to promote the security of ICPS., Part of ISBN 9798350311259QC 20230712

Published

2023

38. Profile Based Access Control Model Using JSON Web Tokens

Author

Albayati, Mustafa, Murjan, Aslan, Albayati, Mustafa, and Murjan, Aslan

Abstract

Currently at Axis, a local role-based access control system is used in devices, which forces the user credentials to be directly installed on the individual devices and the limited selection of roles does not allow for fine-grained access rights. This creates an administrative nightmare in a large scale network and leads to elevated privileges. Instead of this approach a profile based access control can be used. The goal of this thesis work was to design an access control system for profile based access control, utilizing JSON Web Tokens (JWT) for distribution. How pro- file based access control works was investigated and the possibilities of enforcing dynamic, user defined and distributed profiles were explored in contrast to static access tables. This system allows an admin to create custom access control pro- files depending on the use case, instead of being limited by the roles or profiles preinstalled on the device. Open ID Connect was used for user authentication and authorization of profiles. The system’s design was implemented through an ambitious Proof-of-Concept (PoC) that encompassed numerous components with the primary objective of evaluating the feasibility of incorporating the proposed idea into an actual pro- duction system. The innovative features of the resulting system design have been condensed and included in a patent application, which was subsequently filed by Axis., With advances in computing technologies, IoT devices can be more capable than ever. Some of these devices offer advanced functionalities and run complete operating systems, not very different from the one you are using right now. This thesis work addresses the access control challenges surrounding a large network of such devices.

Published

2023

39. Tenant Separation on a multi-tenant microservice platform

Author

Sandqvist, Axel and Sandqvist, Axel

Abstract

Axis Communications wishes to investigate their PaaS system, Axis Connected Services(ACX), with regard to separation of the tenants of the platform to ensure the implemented separation technologies are used correctly and to find out whether more separation is necessary. ACX ties together several previously separate services under a single umbrella, with the goal of improving usability and increasing inter-service functionalities and centralisation of the software products Axis has developed for their devices. This thesis investigates alternative tenant separation technologies especially for data at rest and access management but also for data in use. The different technologies for at rest separation are logical separation, separate schema, separate encryption and separate database. For access management 6 technologies are presented; the three models access control list(ACL), role based access control(RBAC) and attribute based access control(ABAC), and also three specifically multitenant technologies for access management; Secure logical isolation for multitenancy(SLIM), Obejct tag access control strategy (OTACS) and Key insulated attribute based data retrieval scheme with keyword search (KI-ABDR-KS). Data in use separation technologies are shared instances, division of processing, VM separation and server separation. The technologies above and ACX's implementation are analysed and compared to arrive at a resulting proposition for the tenancy separation and access management solutions for ACX. The investigation found that as ACX contained minimal sensitive information, separate database and encryption are too complex and costly to be worth the increased confidentiality, and separate schema is not an increase in separation compared to a well implemented logical separation solution. Access management is too decentralised and opaque in access enforcement, thus centralisation of access evaluation through a policy agent is proposed. To enforce tenant separation during ses, Why and how shared resources in the cloud can isolate users Cloud systems share resources between many unaffiliated users, and to preserve confidentiality a compromise must be made between cost and isolation. How can resources be optimally utilised and also provide adequate isolation of users in a cloud system? Shared resources for all users of a system, even those belonging to separate organisations- or tenants- can cause breaches in confidentiality if not handled with care. Improper authentication, authorisation or enforcement of policies set up by the system could cause data leaks and since the system is multi-tenant this could be to anyone in the system, not just within one organisation. To ensure tenant trust in the system, assurance of a stable system with decreased risk of data leaks especially between tenants but also within, is crucial. Essential mitigations for this are clear and concise demarcations between the tenants, my project answers how this is realised with reasonable assurance without significant costs. The thesis' goal was to investigate the tenant separation of Axis Communication's platform ACX, which offers device management services. During analysis, room for improvement was found and a new design is proposed, suggesting increased clarity in enforcement of the separation between user data when querying databases, and a central access evaluation unit for increased maintainability and homogeneity for the otherwise diverse system. Some interesting observations were found during the project. Increasing the separation within databases doesn't necessarily increase confidentiality, this is instead wholly dependent on how the data is fetched. Most technologies with greater separation between tenants shift the responsibility from the developers of the system to the infrastructure/the platform, where separate instances or entities are used to help keep data apart. This leads to increased costs since these divisions don't scale as well and requires addit

Published

2023

40. Authentication-enabled attribute-based access control for smart homes

Author

Bıçakçı, Kemal, Burakgazi Bilgen, Melike, Abul, Osman, Bıçakçı, Kemal, Burakgazi Bilgen, Melike, and Abul, Osman

Abstract

Smart home technologies constantly bring significant convenience to our daily lives. Unfortunately, increased security risks accompany this convenience. There can be severe consequences when unauthorized or malicious users gain access to smart home devices. Therefore, dependable and comprehensive access control models are needed to address the security concerns. To this end, the attribute-based access control (ABAC) model is usually considered the most satisfactory access control model for running IoT applications. However, the uncertainty left with the authentication stage should be carried to the authorization policy specification. In this work, we extend the ABAC model by carrying the assurance level of user authentication obtained from biometric authentication systems for authorization. The extended ABAC model quantifies how far the authentication matching score is from the predefined threshold. This quantification serves as a regular attribute like others to define authorization policies. The novelty in this quantification is that it consults false matching rate and hence can easily normalize across wide range of biometric authentication devices and algorithms. As a result, the resulting access control policies are concise and easy to comprehend. Moreover, our model is fine-grained in that different access policies can be specified for each smart device functionality. This work also shows, through case studies, that the extended ABAC model is feasible and implementable in XACML language.

Published

2023

41. Authentication-enabled attribute-based access control for smart homes

Author

Burakgazi Bilgen, Melike, Bıçakçı, Kemal, Abul, Osman, Burakgazi Bilgen, Melike, Bıçakçı, Kemal, and Abul, Osman

Abstract

Smart home technologies constantly bring significant convenience to our daily lives. Unfortunately, increased security risks accompany this convenience. There can be severe consequences when unauthorized or malicious users gain access to smart home devices. Therefore, dependable and comprehensive access control models are needed to address the security concerns. To this end, the attribute-based access control (ABAC) model is usually considered the most satisfactory access control model for running IoT applications. However, the uncertainty left with the authentication stage should be carried to the authorization policy specification. In this work, we extend the ABAC model by carrying the assurance level of user authentication obtained from biometric authentication systems for authorization. The extended ABAC model quantifies how far the authentication matching score is from the predefined threshold. This quantification serves as a regular attribute like others to define authorization policies. The novelty in this quantification is that it consults false matching rate and hence can easily normalize across wide range of biometric authentication devices and algorithms. As a result, the resulting access control policies are concise and easy to comprehend. Moreover, our model is fine-grained in that different access policies can be specified for each smart device functionality. This work also shows, through case studies, that the extended ABAC model is feasible and implementable in XACML language.

Published

2023

42. Ownership based access control through non fungible tokens

Author

Universitat Politècnica de Catalunya. Departament d'Enginyeria Telemàtica, Entrust Datacard, Fernández Jara, Juan Carlos, Muñoz Tapia, José Luis, Fortià Ramirez, Gabriel, Universitat Politècnica de Catalunya. Departament d'Enginyeria Telemàtica, Entrust Datacard, Fernández Jara, Juan Carlos, Muñoz Tapia, José Luis, and Fortià Ramirez, Gabriel

Abstract

During the past years a concept that has emerged in the Blockchain space is tokenization, which is the process of transforming ownerships and rights of assets owned by an individual into a digital form. Thanks to tokenization, internet services can now leverage access control systems that do not grant access based on identity (who you are) but rather on ownership (what you own). These types of systems can be classified as Ownership Based Access Control (OBAC) systems. The aim of this project is to prove the viability and compatibility with the current authorization paradigm of these kind of systems by implementing an access control enforcement service for digital resources based on the ownership of Non-Fungible Tokens (NFTs). The results show that OBAC is feasible and can be integrated with the existing industry-standard protocols for authorization. It has been proved that, by using OBAC users no longer have to disclose their identity when accessing a service, resulting in improved privacy. Furthermore, access to a digital service becomes transferable and tradeable if its access is based on ownership of a NFT., Durante los últimos años, un concepto que ha ganado popularidad en el ecosistema Blockchain es la tokenización, que es el proceso de transformar registros de propiedad y derechos sobre activos en un formato digital. Gracias a la tokenización, los servicios de internet pueden implementar sistemas de control de acceso que dejan pasar en base a tus posesiones (que tienes), en lugar de hacerlo basándose en tu identidad (quien eres). Estos sistemas pueden clasificarse como sistemas de `Control de Acceso Basado en la Propiedad (CABP). El objetivo de este proyecto es demostrar la viabilidad y compatibilidad con el paradigma de autorización actual de este tipo de sistemas, mediante la implementación de un servicio de control de acceso para recursos digitales basado en la propiedad de Tokens No Fungibles (NFTs). Los resultados muestran que el CABP es viable y puede integrarse con los protocolos estándar ya existentes de la industria de la autorización. Ha sido demostrado que utilizando CABP los usuarios ya no deben revelar su identidad para acceder a un servicio, resultando en una mejora de la privacidad. Además, el acceso a servicios digital resulta transferible y comercializable si su acceso está basado en la posesión de un NFT., Durant els últims anys un concepte que ha guanyat popularitat en l'ecosistema Blockchain és la tokenització, que és el procés de transformar registres de propietat i drets sobre actius en un format digital. Gràcies a la tokenització, els serveis d'internet poden implementar sistemes de control d'accés que deixen passar basant-se en les teves possessions (que tens), en lloc de fer-ho basant-se en la teva identitat (qui ets). Aquests sistemes es poden classificar com a sistemes de Control d'Accés Basat en la Propietat (CABP). L'objectiu d'aquest projecte és demostrar la viabilitat i compatibilitat amb el paradigma d'autorització actual d'aquest tipus de sistemes, mitjançant la implementació d'un servei de control d'accés per a recursos digitals basat en la propietat de Tokens No Fungibles (NFTs). Els resultats mostren que el CABP és viable i pot ser integrat amb els protocols estàndard ja existents de la indústria de l'autorització. Ha sigut demostrat que fent servir CABP els usuaris ja no han de revelar la seva identitat per accedir a un servei, resultant en una millora de la privacitat. A més, l'accés a serveis digital esdevé transferible i comercialitzable si el seu accés és basat en la possessió d'un NFT.

Published

2023

43. Internet censorship in the European Union

Author

Fabian, Benjamin, Lessmann, Stefan, Milan, Stefania, Ververis, Vasilis, Fabian, Benjamin, Lessmann, Stefan, Milan, Stefania, and Ververis, Vasilis

Abstract

Diese Arbeit befasst sich mit Internetzensur innnerhalb der EU, und hier insbesondere mit der technischen Umsetzung, das heißt mit den angewandten Sperrmethoden und Filterinfrastrukturen, in verschiedenen EU-Ländern. Neben einer Darstellung einiger Methoden und Infrastrukturen wird deren Nutzung zur Informationskontrolle und die Sperrung des Zugangs zu Websites und anderen im Internet verfügbaren Netzdiensten untersucht. Die Arbeit ist in drei Teile gegliedert. Zunächst werden Fälle von Internetzensur in verschiedenen EU-Ländern untersucht, insbesondere in Griechenland, Zypern und Spanien. Anschließend wird eine neue Testmethodik zur Ermittlung der Zensur mittels einiger Anwendungen, welche in mobilen Stores erhältlich sind, vorgestellt. Darüber hinaus werden alle 27 EU-Länder anhand historischer Netzwerkmessungen, die von freiwilligen Nutzern von OONI aus der ganzen Welt gesammelt wurden, öffentlich zugänglichen Blocklisten der EU-Mitgliedstaaten und Berichten von Netzwerkregulierungsbehörden im jeweiligen Land analysiert., This is a thesis on Internet censorship in the European Union (EU), specifically regarding the technical implementation of blocking methodologies and filtering infrastructure in various EU countries. The analysis examines the use of this infrastructure for information controls and the blocking of access to websites and other network services available on the Internet. The thesis follows a three-part structure. Firstly, it examines the cases of Internet censorship in various EU countries, specifically Greece, Cyprus, and Spain. Subsequently, this paper presents a new testing methodology for determining censorship of mobile store applications. Additionally, it analyzes all 27 EU countries using historical network measurements collected by Open Observatory of Network Interference (OONI) volunteers from around the world, publicly available blocklists used by EU member states, and reports issued by network regulators in each country.

Published

2023

44. WebDSL: Linguistic Abstractions for Web Programming

Author

Groenewegen, D.M. (author) and Groenewegen, D.M. (author)

Abstract

Information systems store and organize data, and manage business processes concerned with that data. Information systems aim to support operations, management and decision-making in organizations. Web applications are ideal for implementing information systems. Although existing web frameworks provide abstractions for creating web applications, there are three major issues with current web frameworks. Insufficient or leaky abstraction: web programming concerns are not sufficiently covered or abstractions contain accidental complexity. Lack of static verification: application faults are not removed during development. Security flaws: web application security issues are not sufficiently addressed in the framework, web programmers are exposed to many possible security faults. How can the benefits of web frameworks be provided for web programming while avoiding the major issues of abstraction, static verification, and security? We propose a domain-specific language (DSL) solution. The challenge is to design a language that provides abstractions for all kinds of web programming tasks with the web framework issues in mind. We designed multiple sublanguages to address web programming concerns, and integrated them to form the WebDSL web programming language. WebDSL incorporates better abstraction for web programming concepts, has static checks on the application code with accurate error reporting, and automatically addresses security concerns in the code generation and runtime. The primary concerns in web programming are user interfaces and data handling. Which features do we need from a user interface language? These features include both the rendering of data persisted in the database, as well as providing input-handling components to enter new data and update existing data. Additionally, data invariants need to be enforced by the system. How can a DSL provide these features in an integrated way? These are language-design challenges that are investig, Prof.dr. E. Visser (Delft University of Technology) was the original promotor and supervisor of this research until his untimely passing on April 5th, 2022., Programming Languages

Published

2023

45. Dynamic Access Control for Industrial Systems

Author

Leander, Björn and Leander, Björn

Abstract

Industrial automation and control systems (IACS) are taking care of our most important infrastructures, providing electricity and clean water, producing medicine and food, along with many other services and products we take for granted. The continuous, safe, and secure operation of such systems are obviously of great importance. Future iterations of IACS will look quite different from the ones we use today. Modular and flexible systems are emerging, powered by technical advances in areas such as artificial intelligence, cloud computing, and motivated by fluctuating market demands and faster innovation cycles. Design strategies for dynamic manufacturing are increasingly being adopted. These advances have a fundamental impact on industrial systems at component as well as architectural level. As a consequence of the changing operational requirements, the methods used for protection of industrial systems must be revisited and strengthened. This for example includes access control, which is one of the fundamental cyber­security mechanisms that is hugely affected by current developments within IACS. The methods currently used are static and coarse-grained and therefore not well suited for dynamic and flexible industrial systems. A transition in security model is required, from implicit trust towards zero-trust, supporting dynamic and fine-grained access control. This PhD thesis discusses access control for IACS in the age of Industry 4.0, focusing on dynamic and flexible manufacturing systems. The solutions pre­sented are applicable at machine-to-machine as well as human-to-machine in­teractions, using a zero-trust strategy. An investigation of the current state of practice for industrial access control is provided as a starting point for the work. Dynamic systems require equally dynamic access control policies, why several approaches on how dynamic access control can be achieved in indus­trial systems are developed and evaluated, covering strategies for policy for­mula, Vi tar för givet att det alltid ska finnas el, rent dricksvatten, mat och läkemedel. Många av våra grundläggande behov tillgodoses tack vare produkter som är beroende av industriella styrsystem. Att skyddas dessa system ifrån störningar är följaktligen ytterst viktigt. Vi är mitt i ett teknikskifte som brukar kallas "Industri 4.0" och som innebär att framtidens industriella system kommer skilja sig avsevärt ifrån dagens. Förän­dringen drivs bland annat av nya krav och förväntningar, exempelvis på ko­rtare tid mellan ide och produktion, möjlighet att anpassa produktionen till snabba marknadsförändringar och tillverkning av individuellt anpassade pro­dukter. Flexibla och skalbara lösningar krävs för att kunna uppfylla dessa krav, till skillnad från dagens system som i allmänhet är utvecklade för massproduk­tion av en specifik produkt. Detta påverkar såväl hur produktionssystemen konstrueras som designen av varje ingående komponent. En konsekvens är att metoderna som används för att skydda dagens system måste anpassas och stärkas för att möta framtidens utmaningar. En grundläggande sådan säkerhetsfunktion är behörighetshanter­ing. Nuvarande behörighetshantering är inte tillräckligt flexibel och därmed dåligt anpassad till morgondagens dynamiska system. I denna doktorsavhandling undersöks behörighetshantering för framtidens industriella system, med fokus på de dynamiska produktionssystem som behövs för att uppfylla kraven kopplade till Industri 4.0. Med utgångspunkt från en enkätundersökning analyseras dagsläget. Förslag på flera olika tillvägagångssätt för dynamisk behörighetshantering presenteras och utvärderas, såväl med avseende på hur sådana regler kan formuleras som på hur de ska kunna upprätthållas., ARRAY, InSecTT

Published

2023

46. Beyond 'Protected' and 'Private': An Empirical Security Analysis of Custom Function Modifiers in Smart Contracts

Author

Fang, Yuzhou, Wu, Daoyuan, Yi, Xiao, Wang, Shuai, Chen, Yufan, Chen, Mengjie, Liu, Yang, Jiang, Lingxiao, Fang, Yuzhou, Wu, Daoyuan, Yi, Xiao, Wang, Shuai, Chen, Yufan, Chen, Mengjie, Liu, Yang, and Jiang, Lingxiao

Abstract

A smart contract is a piece of application-layer code running on blockchain ledgers and it provides programmatic logic via transaction-based execution of pre-defined functions. Smart contract functions are by default invokable by any party. To safeguard them, the mainstream smart contract language, i.e., Solidity of the popular Ethereum blockchain, proposed a unique language-level keyword called "modifier,"which allows developers to define custom function access control policies beyond the traditional "protected"and "private"modifiers in classic programming languages. In this paper, we aim to conduct a large-scale security analysis of the modifiers used in real-world Ethereum smart contracts. To achieve this, we design and implement a novel smart contract analysis tool called SoMo. Its main objective is to identify insecure modifiers that can be bypassed from one or more unprotected smart contract functions. This is challenging because of the complicated relationship between modifiers and their variables/functions and the ambiguity of attacker-accessible entry functions. To overcome them, we first propose a new structure, the Modifier Dependency Graph (MDG), to connect all the modifier-related control/data flows. Over MDGs, we then model system variables, generate symbolic path constraints, and iteratively test each candidate entry function. Our extensive evaluation shows that SoMo outperforms the state-of-the-art SPCon tool by detecting all its true positives and correctly avoiding 9 out of 11 false positives. It also achieves high precision of 91.2% when analyzing a large dataset of 62,464 contracts, over 400 of which were identified with bypassable modifiers. Our analysis further reveals three interesting security findings about modifiers and nine major types of modifier usage in the wild. SoMo has been integrated into an online security scanning service, MetaScan. © 2023 ACM.

Published

2023

47. Secure Cloud-Assisted Data Pub/Sub Service With Fine-Grained Bilateral Access Control

Author

Zhang, Kai, Wang, Xiwen, Ning, Jianting, Gong, Junqing, Huang, Xinyi, Zhang, Kai, Wang, Xiwen, Ning, Jianting, Gong, Junqing, and Huang, Xinyi

Abstract

Secure cloud-assisted data publish/subscribe (Pub/Sub) service provides an asynchronous method for publishers and subscribers to non-interactively exchange encrypted messages. Besides performing conjunctive subscription policy, numerous data Pub/Sub systems have recently been proposed to provide dynamic access control enforced from the publisher side to the subscriber side. However, these solutions fail to consider the following properties: (i) bilateral access control for both publishers and subscribers; (ii) the anonymity of the publisher; (iii) high matching time cost between publication and subscription. Therefore, we present P/S-BiAC, a secure and boolean cloud-assisted data Pub/Sub system with attribute-based bilateral access control that achieves authenticity and anonymity of publishers. In particular, P/S-BiAC enables cloud-based brokers to use the subscriber's trapdoor to match published data with sub-linear time complexity. Technically, we introduce a "BiAC-and-Hidden" technique to refine publication tuples and trapdoor in classic searchable symmetric encryption solutions. Moreover, we implement P/S-BiAC and evaluate its practical performance based on Enron dataset in real cloud environment. To deal with a conjunctive subscription policy, P/S-BiAC runs $27.8\textbackslash{}times $ faster for matching time cost (with $s$ -term=10) compared to state-of-the-art solutions, which demonstrates its feasibility in practical data Pub/Sub services with strong security properties.

Published

2023

48. An Adaptively Secure and Efficient Data Sharing System for Dynamic User Groups in Cloud

Author

Xu, Guowen, Xu, Shengmin, Ma, Jinhua, Ning, Jianting, Huang, Xinyi, Xu, Guowen, Xu, Shengmin, Ma, Jinhua, Ning, Jianting, and Huang, Xinyi

Abstract

Cloud computing has been widely accepted as a computing paradigm to offer high-quality data services on demand. However, it suffers from various attacks as the cloud service provider and data owners are not in the same trusted domain. To support data confidentiality, existing cloud-based systems apply cryptographic tools to issue the decryption key to data users to share data in a controlled way. However, fine-grained cloud data sharing still faces many challenges, especially when dealing with dynamic user groups. In this paper, we introduce a secure and efficient cloud-based data-sharing system with fine-grained access control and dynamic user groups. Our system enjoys 1) adaptive security in prime-order groups, 2) forward secrecy against revoked user fetches data generated before being revoked, and 3) decryption key exposure resistance against the compromise of the frequently used decryption key, where the previous solutions only concentrate on one or two above-mentioned properties. More specifically, we introduce two timestamp management mechanisms that manage the timestamp in each ciphertext to support dynamic user groups with forward secrecy. By applying the proposed timestamp management mechanisms, we introduce two novel designs of attribute-based encryption schemes with formal definition and security analyses. The proposed schemes are adaptively secure in prime-order groups under a standard assumption and support decryption key exposure resistance. We conduct theoretical analysis and experimental simulation to demonstrate the outperformance of our solutions.

Published

2023

49. The Synchronization Power (Consensus Number) of Access-Control Objects: the Case of AllowList and DenyList

Author

Davide Frey and Mathieu Gestin and Michel Raynal, Frey, Davide, Gestin, Mathieu, Raynal, Michel, Davide Frey and Mathieu Gestin and Michel Raynal, Frey, Davide, Gestin, Mathieu, and Raynal, Michel

Abstract

This article studies the synchronization power of AllowList and DenyList objects under the lens provided by Herlihy’s consensus hierarchy. It specifies AllowList and DenyList as distributed objects and shows that, while they can both be seen as specializations of a more general object type, they inherently have different synchronization power. While the AllowList object does not require synchronization between participating processes, a DenyList object requires processes to reach consensus on a specific set of processes. These results are then applied to a more global analysis of anonymity-preserving systems that use AllowList and DenyList objects. First, a blind-signature-based e-voting is presented. Second, DenyList and AllowList objects are used to determine the consensus number of a specific decentralized key management system. Third, an anonymous money transfer algorithm using the association of AllowList and DenyList objects is presented. Finally, this analysis is used to study the properties of these application, and to highlight efficiency gains that they can achieve in message passing environment.

Published

2023

50. Access Control Enforcement Architectures for Dynamic Manufacturing Systems

Author

Leander, Björn, Causevic, Aida, Lindström, Tomas, Hansson, Hans, Leander, Björn, Causevic, Aida, Lindström, Tomas, and Hansson, Hans

Abstract

Industrial control systems are undergoing a trans-formation driven by business requirements as well as technical advances, aiming towards increased connectivity, flexibility and high level of modularity, that implies a need to revise existing cybersecurity measures. Access control, being one of the major security mechanisms in any system, is largely affected by these advances.In this article we investigate access control enforcement architectures, aiming at the principle of least privilege1 in dynamically changing access control scenarios of dynamic manufacturing systems. Several approaches for permission delegation of dynamic access control policy decisions are described. We present an implementation using the most promising combination of architecture and delegation mechanism for which available industrial standards are applicable.

Published

2023